Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-06-15	Polkit 0.105-26 0.117-2 – Local Privilege Escalation	local	linux	J Smith
2021-06-15	Brother BRAgent 1.38 – ‘WBA_Agent_Client’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-06-15	SysGauge 7.9.18 – ‘ SysGauge Server’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-06-14	Accela Civic Platform 21.1 – ‘successURL’ Cross-Site-Scripting (XSS)	webapps	multiple	Abdulazeez Alaseeri
2021-06-14	Tftpd64 4.64 – ‘Tftpd32_svc’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-06-14	Notex the best notes 6.4 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-14	Post-it 5.0.1 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-14	Secure Notepad Private Notes 3.0.3 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-14	WibuKey Runtime 6.51 – ‘WkSvW32.exe’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-06-14	OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated)	webapps	php	Ron Jost
2021-06-14	Spy Emergency 25.0.650 – ‘Multiple’ Unquoted Service Path	local	windows	Erick Galindo
2021-06-14	TextPattern CMS 4.8.7 – Remote Command Execution (Authenticated)	webapps	php	Mert Daş
2021-06-14	Small CRM 3.0 – ‘Authentication Bypass’ SQL Injection	webapps	php	BHAVESH KAUL
2021-06-14	Stock Management System 1.0 – ‘user_id’ Blind SQL injection (Authenticated)	webapps	php	Riadh Benlamine
2021-06-14	COVID19 Testing Management System 1.0 – ‘State’ Stored Cross-Site-Scripting (XSS)	webapps	php	BHAVESH KAUL
2021-06-14	GLPI 9.4.5 – Remote Code Execution (RCE)	webapps	php	Brian Peters
2021-06-14	Accela Civic Platform 21.1 – ‘contactSeqNumber’ Insecure Direct Object References (IDOR)	webapps	multiple	Abdulazeez Alaseeri
2021-06-11	WoWonder Social Network Platform 3.1 – Authentication Bypass	webapps	php	securityforeveryone.com
2021-06-11	Zenario CMS 8.8.52729 – ‘cID’ SQL injection (Authenticated)	webapps	php	Avinash R
2021-06-11	Solar-Log 500 2.8.2 – Unprotected Storage of Credentials	webapps	multiple	Luca.Chiou
2021-06-11	Solar-Log 500 2.8.2 – Incorrect Access Control	webapps	multiple	Luca.Chiou
2021-06-11	Grocery crud 1.6.4 – ‘order_by’ SQL Injection	webapps	multiple	TonyShavez
2021-06-11	WordPress Plugin Database Backups 1.2.2.6 – ‘Database Backup Download’ CSRF	webapps	php	0xB9
2021-06-11	OpenEMR 5.0.0 – Remote Code Execution (Authenticated)	webapps	php	Ron Jost
2021-06-11	Microsoft SharePoint Server 16.0.10372.20060 – ‘GetXmlDataFromDataSource’ Server-Side Request Forgery (SSRF)	webapps	windows	Alex Birnberg
2021-06-11	Cerberus FTP Web Service 11 – ‘svg’ Stored Cross-Site Scripting (XSS)	webapps	multiple	Mohammad Hossein Kaviyany
2021-06-11	Accela Civic Platform 21.1 – ‘servProvCode’ Cross-Site-Scripting (XSS)	webapps	multiple	Abdulazeez Alaseeri
2021-06-10	n+otes 1.6.2 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-10	Sticky Notes Widget Version 3.0.6 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-10	memono Notepad Version 4.2 – Denial of Service (PoC)	local	ios	Geovanni Ruiz
2021-06-10	TextPattern CMS 4.8.7 – Stored Cross-Site Scripting (XSS)	webapps	php	Mert Daş
2021-06-10	Student Result Management System 1.0 – ‘class’ SQL Injection	webapps	php	Riadh Benlamine
2021-06-09	GravCMS 1.10.7 – Arbitrary YAML Write/Update (Unauthenticated) (2)	webapps	php	legend
2021-06-09	WordPress Plugin visitors-app 0.3 – ‘user-agent’ Stored Cross-Site Scripting (XSS)	webapps	php	Mesut Cetin
2021-06-09	OpenCart 3.0.3.6 – ‘subject’ Stored Cross-Site Scripting	webapps	php	Mert Daş
2021-06-09	OpenCart 3.0.3.7 – ‘Change Password’ Cross-Site Request Forgery (CSRF)	webapps	php	Mert Daş
2021-06-09	Intelbras Router RF 301K – ‘DNS Hijacking’ Cross-Site Request Forgery (CSRF)	webapps	hardware	Rodolfo Mariano
2021-06-08	WordPress Plugin wpDiscuz 7.0.4 – Remote Code Execution (Unauthenticated)	webapps	php	Fellipe Oliveira
2021-06-08	Backup Key Recovery 2.2.7 – Denial of Service (PoC)	local	windows	Erick Galindo
2021-06-08	Nsauditor 3.2.3 – Denial of Service (PoC)	dos	windows	Erick Galindo
2021-06-08	NBMonitor 1.6.8 – Denial of Service (PoC)	dos	windows	Erick Galindo
2021-06-07	WordPress Plugin wpDiscuz 7.0.4 – Arbitrary File Upload (Unauthenticated)	webapps	php	UnD3sc0n0c1d0
2021-06-07	Grav CMS 1.7.10 – Server-Side Template Injection (SSTI) (Authenticated)	webapps	php	enox
2021-06-07	Rocket.Chat 3.12.1 – NoSQL Injection (Unauthenticated)	webapps	linux	enox
2021-06-07	IcoFX 2.6 – ‘.ico’ Buffer Overflow SEH + DEP Bypass using JOP	local	windows	Austin Babcock
2021-06-07	WordPress Plugin Smart Slider-3 3.5.0.8 – ‘name’ Stored Cross-Site Scripting (XSS)	webapps	php	Hardik Solanki
2021-06-07	Sticky Notes & Color Widgets 1.4.2 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-07	OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 – Remote Code Execution (Authenticated)	webapps	hardware	SecNigma
2021-06-04	My Notes Safe 5.3 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz
2021-06-04	Macaron Notes great notebook 5.5 – Denial of Service (PoC)	dos	ios	Geovanni Ruiz